FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Problems getting LDAPS to work [message #166947] Fri, 06 April 2012 10:38
Multitool
For some reason, I can't seem to get LDAPS to work from within the FUDforum LDAP plugin. Normal LDAP works fine, but for some reason I always get a connection error when trying to use LDAPS.

If I create a stand-alone PHP script that is essentially exactly the same as the LDAP plugin code and run this separately, it always works. But running essentially the same code from within FUDforum does not work, and I can't understand why.

My stand-alone test script looks like this:

<?php
$ldapurl = 'ldaps://ldap.example.com/';
$ldapproxydn = '<proxy-dn>';
$ldapproxypassword = '<proxy-password>';

// Create the LDAP link identifier
$connection = ldap_connect($ldapurl);
if (!$connection) {
        echo 'Unable to connect to an LDAP server. (Debug 1)';
        return 0;
}
// Use LDAPv3 and do not follow referrals
@ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);

// Connection made -- bind
$bind = @ldap_bind($connection, $ldapproxydn, $ldapproxypassword);
if (!$bind) {
        echo 'Bind to LDAP failed:', ldap_error($connection), ' (Debug 3)';
        return 0;
} else {
        echo 'Success!';
}

ldap_close($connection);
?>


This ALWAYS works and binds successfully, regardless of whether I use LDAP or LDAPS. I even tried running the script as the 'apache' user, and it still worked perfectly.

However, the identical code when called within FUDforum does not work if LDAPS is used - it only works if I change the url to use normal LDAP.

I can see from tcpdump that FUDforum is communicating with the LDAPS server on port 636, but obviously I can't see inside any of the packets as they're encrypted.

Any ideas why this would work outside of FUDforum, but not when called from within FUDforum?
Re: Problems getting LDAPS to work [message #166958 is a reply to message #166947] Mon, 09 April 2012 10:57
naudefj
Remove all the '@' signs before the functions and configure PHP to display errors:

ini_set('display_errors', 1);
error_reporting(E_ALL);
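
Applying the advice above to the stand-alone script, as an added example that is not part of any post in this thread: it drops the '@' suppressors, turns on libldap tracing, and prints the diagnostic message after a failed bind. It assumes PHP's LDAP extension is built against OpenLDAP; the URL and credentials are the placeholders from the first post, and `ldap_failure()` is a hypothetical helper name.

```php
<?php
// Added example: diagnostic variant of the stand-alone script from this thread.
// Run the same file from the CLI and through the web server, then compare output.
ini_set('display_errors', 1);
error_reporting(E_ALL);

// Placeholders, as in the first post.
$ldapurl           = 'ldaps://ldap.example.com/';
$ldapproxydn       = '<proxy-dn>';
$ldapproxypassword = '<proxy-password>';

// libldap trace output goes to stderr (the error log under Apache).
// It is a global option, so it is set on a null handle before ldap_connect().
ldap_set_option(null, LDAP_OPT_DEBUG_LEVEL, 7);

// Hypothetical helper: one line with the numeric code, its text and any
// extra detail the library or server supplied.
function ldap_failure($connection, $stage)
{
    $detail = '';
    ldap_get_option($connection, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    return sprintf('%s failed: [%d] %s%s', $stage, ldap_errno($connection),
        ldap_error($connection), $detail ? " ($detail)" : '');
}

// Context that can differ between a CLI run and a run inside the forum.
echo 'SAPI: ', php_sapi_name(), "\n";
foreach (array('LDAPCONF', 'LDAPRC', 'LDAPTLS_CACERT', 'LDAPTLS_REQCERT') as $name) {
    $value = getenv($name);
    echo $name, '=', ($value === false ? '(unset)' : $value), "\n";
}

// With OpenLDAP, ldap_connect() only parses the URL; no packet is sent yet.
$connection = ldap_connect($ldapurl);
if (!$connection) {
    exit("Invalid LDAP URL: $ldapurl\n");
}
ldap_set_option($connection, LDAP_OPT_PROTOCOL_VERSION, 3);
ldap_set_option($connection, LDAP_OPT_REFERRALS, 0);

// The TCP connect and TLS handshake happen here, so this is where LDAPS fails.
if (!ldap_bind($connection, $ldapproxydn, $ldapproxypassword)) {
    echo ldap_failure($connection, 'Bind'), "\n";
    exit(1);
}
echo "Bind succeeded\n";
ldap_close($connection);
```

Because `ldap_connect()` does not contact the server when given a URL, the "Debug 1" branch in the original script cannot detect an unreachable or misconfigured LDAPS endpoint; the bind result is the first meaningful signal.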

Re: Problems getting LDAPS to work - SOLVED! [message #167911 is a reply to message #166947] Thu, 08 November 2012 08:30
Multitool
Just in case anyone else is having similar problems, I found that deleting the "plugin_cache" file from FUDforum's cache directory fixed the issue.

After deleting this file, LDAPS started working.